1. Field of the Invention
The present invention relates to a technology for providing software maintenance service for a software installed in a computer connected to a network.
2. Description of the Related Art
Software has been complicated and extensive and the development period for the software has been shortened in recent years. With these circumstances, a burden of software design and program coding on software vendors that develop and distribute software has been growing year by year.
Therefore, the software developed and distributed under these circumstances has potentially many design errors and program code errors, and software faults due to these errors may cause serious damage to users who use the software.
A fault related to security of the software in particular is called “vulnerability” or “security hole” (hereinafter, “security hole”), and third parties having no authorized right to access a computer use the security hole to make unauthorized accesses to the computer. Such accesses as above are rapidly increasing.
In general, if such a fault is found, the software vendor develops a correction program to correct a relevant program code that causes the fault (it is sometimes called “updater” or “patch”), and releases the correction program to the users without charge. The user acquires the correction program released and causes the computer to execute it, and the program code is thereby corrected.
When the correction program is released, to solve the software fault, the user has to acquire the correction program released as quickly as possible and cause the computer to execute it and to correct the program code. As a technology to correct the program code as quickly as possible, a device as follows is disclosed. The device automatically performs acquisition of a correction program for software having a fault and correction of the software by the correction program acquired (see Japanese Patent Application Laid-Open No. H11-272454).
However, when the fault is found in the software, the software vendors generally release a correction program for the fault to the users in the following steps. At first, the software vendor reproduces a symptom of the fault, creates a correction program to correct the fault, examines the correction program created, confirms that the correction program surely fixes the software fault and exerts no effect on the rest of a program other than the fault, and releases the correction program after all these steps. Therefore, a long period of time is required from finding the software fault to releasing the correction program. Consequently, the conventional technology disclosed in Japanese Patent Application Laid-Open No. H11-272454 has a problem such that the correction program cannot quickly be provided to the users. Therefore, the users have no other choice but leave the program code uncorrected until the correction program is created, and may be damaged due to occurrence of the software fault during this period.
As a method of preventing unauthorized access using the security hole, it is general to build a firewall. More specifically, source information such as an IP address of a computer, from which the unauthorized access is made, is found out from its access log, and the firewall performs a process for denying an access request, as unauthorized access, from the computer that includes the source information.
In this method, however, it is impossible to deny an access from a computer until the access from the computer is verified as unauthorized access. Another device as follows is therefore disclosed. The device checks whether an access from a computer matches any known pattern indicating unauthorized access, and denies the access as unauthorized access if there is a match (see Japanese Patent Application Laid-Open No. 2002-342279).
However, even if the conventional technology disclosed in Japanese Patent Application Laid-Open No. 2002-342279 is used, there still remains some problems on how to quickly and efficiently acquire an unauthorized access pattern that is created to deal with new unauthorized access and how to protect against the unauthorized access.